Skip to content
Permalink

Comparing changes

This is a direct comparison between two commits made in this repository or its related repositories. View the default comparison for this range or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: jfrog/build-info-go
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: bd5e9b3e6b544f1d715881e87efacafee1c5a07d
Choose a base ref
..
head repository: jfrog/build-info-go
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 389f7661f6ea6df9ec99a1549044dd4bb821b350
Choose a head ref
32 changes: 20 additions & 12 deletions .github/workflows/analysis.yml
View file
Original file line number Diff line number Diff line change
@@ -12,24 +12,32 @@ jobs:
steps:
- name: Checkout Source
uses: actions/checkout@v4

- name: Setup Go with cache
uses: jfrog/.github/actions/install-go-with-cache@main

- name: Run Go-Sec scanner
uses: jfrog/.github/actions/gosec-scanner@main
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: 1.22.x
cache: false
- name: Static Code Analysis
uses: golangci/golangci-lint-action@v3
with:
args: |
--timeout 5m --out-${NO_FUTURE}format colored-line-number --enable errcheck,gosimple,govet,ineffassign,staticcheck,typecheck,unused,gocritic,asasalint,asciicheck,errchkjson,exportloopref,forcetypeassert,makezero,nilerr,unparam,unconvert,wastedassign,usestdlibvars

Go-Sec:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v4

- name: Setup Go with cache
uses: jfrog/.github/actions/install-go-with-cache@main

- name: Run golangci lint
uses: jfrog/.github/actions/golangci-lint@main
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: 1.22.x
cache: false
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: -exclude G107,G204,G301,G302,G304,G306 -tests -exclude-dir \.*test\.* ./...

ShellCheck:
runs-on: ubuntu-latest
26 changes: 21 additions & 5 deletions .github/workflows/cla.yml
View file
Original file line number Diff line number Diff line change
@@ -10,10 +10,26 @@ jobs:
CLAssistant:
runs-on: ubuntu-latest
steps:
- name: Run CLA Check
uses: jfrog/.github/actions/cla@main
- uses: actions-ecosystem/action-regex-match@v2
id: sign-or-recheck
with:
event_comment_body: ${{ github.event.comment.body }}
event_name: ${{ github.event_name }}
text: ${{ github.event.comment.body }}
regex: '\s*(I have read the CLA Document and I hereby sign the CLA)|(recheck)\s*'

- name: "CLA Assistant"
if: ${{ steps.sign-or-recheck.outputs.match != '' || github.event_name == 'pull_request_target' }}
# Alpha Release
uses: cla-assistant/github-action@v2.3.0
env:
# Generated and maintained by GitHub
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CLA_SIGN_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }}
# JFrog organization secret
PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }}
with:
path-to-signatures: 'signed_clas.json'
path-to-document: 'https://jfrog.com/cla/'
remote-organization-name: 'jfrog'
remote-repository-name: 'jfrog-signed-clas'
# branch should not be protected
branch: 'master'
allowlist: bot*
7 changes: 5 additions & 2 deletions .github/workflows/frogbot-scan-and-fix.yml
View file
Original file line number Diff line number Diff line change
@@ -19,8 +19,11 @@ jobs:
with:
ref: ${{ matrix.branch }}

- name: Setup Go with cache
uses: jfrog/.github/actions/install-go-with-cache@main
# Install prerequisites
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: 1.22.x

- uses: jfrog/frogbot@v2
env:
7 changes: 5 additions & 2 deletions .github/workflows/frogbot-scan-pr.yml
View file
Original file line number Diff line number Diff line change
@@ -12,8 +12,11 @@ jobs:
# "frogbot" GitHub environment can approve the pull request to be scanned.
environment: frogbot
steps:
- name: Setup Go with cache
uses: jfrog/.github/actions/install-go-with-cache@main
# Install prerequisites
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: 1.22.x

- uses: jfrog/frogbot@v2
env:
15 changes: 12 additions & 3 deletions .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
@@ -36,6 +36,11 @@ jobs:
steps:
- uses: actions/checkout@v4

- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: 1.22.x

- name: Setup Python3
uses: actions/setup-python@v5
with:
@@ -45,13 +50,17 @@ jobs:
run: pip3 install pipenv

- name: Setup Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node }}
check-latest: true

- name: Setup Go with cache
uses: jfrog/.github/actions/install-go-with-cache@main
- name: Go Cache
uses: actions/cache@v4
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-go-

- name: Lint
run: go vet ./...
Loading